IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Networking Forum / I dont have DKIM senderid spf and Im not blocked :-)
Post #313,384
by boxley
9/1/09 7:38:42 PM
Reply
New I dont have DKIM senderid spf and Im not blocked :-)
per rfc dkim an unsigned mail is no different than a signed mail. No reputation is accrued because you sign with dkim successfully. 1/2 of the spam we receive is successfully dkim signed.
Post #313,386
by folkert
Picture of folkert
9/1/09 7:55:37 PM
Reply
New Yes, I understand that Bill.
But NO SPF record adds 2-3 points to your spam score (taking only a "5" to qualify) is seriously not worth NOT having one (being the default neutral). Having a "-all" and mail coming from your domain that *IS NOT* from allowed addresses (being a negative return) adds 3-5 points to spam scores (but not plus the 2-3 for no record).

This mean you can reduce mail spam scores from your real mail servers by 2-3 points, plus add 3-5 points to fakers.

DKIM and SenderID are not ideal solution anyway. DKIM is easy to implement and publish the public keys so... spammer use it *AND* SPF.

Also using the "-all" at the end of your SPF record says *ONLY THESE IP/HOSTs* are authorized to send mail for your domain.

Most places use SPF as another tick mark against depending on the outcome (neutral or negative/not-authorized). Having an SPF record proper gives YOUR mail a much better chance of getting through.

Now the Spammers that are properly signing and publishing stuff... you have a real target to go after then. They can and are seriously blacklisted, no amounts of SPF or DKIM will truly overcome the SPAM additives in the scoring engines.
Post #313,388
by boxley
9/1/09 8:27:33 PM
Reply
New Re: Yes, I understand that Bill.
you must be talking about corporate antispam rules. An ISP has to be much more lenient as the customer has decided that ISP delivers mail to them so unless it is a phish pharm or balatant spam is should be delivered to the in box on the off chance the customer wants it. If you dont think that is true put 10 geeks in a room and let them discuss mail from the edge and you will sure see a lot of disparate interests. SPF is implemeted broken in so many places it is almost useless to derive much reputation from that. Now you have legitimate hosters like hotmail business services that use large data centers world wide natted behind a few IP addresses that compound the problem. Corporate antispam is easy peasey. For a large ISP not so much as the false positive rate has to be kept low while still offering protection to its customers
     Any way to see if ISPs are blocking my domain? - (drook) - (29) - Sept. 1, 2009, 09:26:19 AM EDT
         not that way - (boxley) - (14) - Sept. 1, 2009, 09:40:55 AM EDT
             Symptoms suggest a block, not DNS - (drook) - (13) - Sept. 1, 2009, 09:48:33 AM EDT
                 maybe a corporate ban? - (boxley) - (12) - Sept. 1, 2009, 11:16:43 AM EDT
                     Yup, sounds like a problem at the user's end. -NT - (Andrew Grygus) - (11) - Sept. 1, 2009, 11:54:39 AM EDT
                         That's what I thought until I got the second report - (drook) - (10) - Sept. 2, 2009, 02:29:34 AM EDT
                             More Like Cache Poisoning. - (folkert) - (9) - Sept. 2, 2009, 07:09:07 AM EDT
                                 looks like that "shortcut" domain might be available. - (folkert) - (4) - Sept. 2, 2009, 08:21:44 AM EDT
                                     How would that help me? -NT - (drook) - (3) - Sept. 2, 2009, 08:23:36 AM EDT
                                         Re: How would that help me? - (folkert) - (2) - Sept. 2, 2009, 08:42:43 AM EDT
                                             It's got to be pronounceable - (drook) - (1) - Sept. 2, 2009, 09:43:36 AM EDT
                                                 The 301 is a single re-write rule in Apache. - (folkert) - Sept. 2, 2009, 12:27:52 PM EDT
                                 Dammit, just got another report it's not coming up - (drook) - (3) - Sept. 4, 2009, 09:29:51 AM EDT
                                     What is comes down to I think... - (folkert) - (2) - Sept. 4, 2009, 03:47:49 PM EDT
                                         How about "ns1.aplus.net"? -NT - (drook) - (1) - Sept. 4, 2009, 04:57:02 PM EDT
                                             Sweet! - (folkert) - Sept. 4, 2009, 07:24:39 PM EDT
         pro2.abac.com == 66.226.64.3 == cooklikeyourgrandmother.com - (folkert) - (13) - Sept. 1, 2009, 06:49:39 PM EDT
             one more, you've got *NO* SPF/DKIM/SenderIP records... - (folkert) - (12) - Sept. 1, 2009, 07:05:18 PM EDT
                 I dont have DKIM senderid spf and Im not blocked :-) - (boxley) - (2) - Sept. 1, 2009, 07:38:42 PM EDT
                     Yes, I understand that Bill. - (folkert) - (1) - Sept. 1, 2009, 07:55:37 PM EDT
                         Re: Yes, I understand that Bill. - (boxley) - Sept. 1, 2009, 08:27:33 PM EDT
                 Bleurgh ... gotta do some reading - (drook) - (8) - Sept. 1, 2009, 08:41:39 PM EDT
                     I find all this stuff rather scary, myself. - (Another Scott) - (3) - Sept. 1, 2009, 08:57:25 PM EDT
                         I guess it's a noble effort. - (static) - (2) - Sept. 1, 2009, 09:04:49 PM EDT
                             I've been thinking about going the OTHER way. - (folkert) - (1) - Sept. 1, 2009, 10:50:45 PM EDT
                                 That's the direction I've been going - (drook) - Sept. 2, 2009, 12:46:47 AM EDT
                     here ya go - (boxley) - (3) - Sept. 1, 2009, 10:44:13 PM EDT
                         Are you serious? - (drook) - (2) - Sept. 2, 2009, 12:38:31 AM EDT
                             stuff like that interests me, but I understand it - (boxley) - (1) - Sept. 2, 2009, 08:05:31 AM EDT
                                 Speaking of sausage, You see the recent... - (folkert) - Sept. 2, 2009, 08:34:25 AM EDT

I don't know who thought this up, but it certainly wasn't a bird.
72 ms